<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/** SQL Parser Functions for phpMyAdmin
 *
 * These functions define an SQL parser system, capable of understanding and
 * extracting data from a MySQL type SQL query.
 *
 * The basic procedure for using the new SQL parser:
 * On any page that needs to extract data from a query or to pretty-print a
 * query, you need code like this up at the top:
 *
 * ($sql contains the query)
 * $parsed_sql = PMA_SQP_parse($sql);
 *
 * If you want to extract data from it then, you just need to run
 * $sql_info = PMA_SQP_analyze($parsed_sql);
 *
 * See comments in PMA_SQP_analyze for the returned info
 * from the analyzer.
 *
 * If you want a pretty-printed version of the query, do:
 * $string = PMA_SQP_format($parsed_sql);
 * (note that that you need to have syntax.css.php included somehow in your
 * page for it to work, I recommend '<link rel="stylesheet" type="text/css"
 * href="syntax.css.php" />' at the moment.)
 *
 * @package PhpMyAdmin
 */
if (! defined('PHPMYADMIN')) {
    exit;
}

/**
 * Include data for the SQL Parser
 */
require_once './libraries/sqlparser.data.php';

/**
 * Charset information
 */
if (!defined('TESTSUITE') && ! PMA_DRIZZLE) {
    include_once './libraries/mysql_charsets.inc.php';
}
if (! isset($mysql_charsets)) {
    $mysql_charsets = array();
    $mysql_collations_flat = array();
}

/**
 * Stores parsed elements of query to array.
 *
 * @param array  &$arr     Array to store element
 * @param string $type     Type of element
 * @param string $data     Data (text) of element
 * @param int    &$arrsize Size of array
 * @param int    $pos      Position of an element
 *
 * @return void
 */
function PMA_SQP_arrayAdd(&$arr, $type, $data, &$arrsize, $pos = 0)
{
    $arr[] = array('type' => $type, 'data' => $data, 'pos' => $pos);
    $arrsize++;
} // end of the "PMA_SQP_arrayAdd()" function

/**
 * Reset the error variable for the SQL parser
 *
 * @access public
 *
 * @return void
 */
function PMA_SQP_resetError()
{
    global $SQP_errorString;
    $SQP_errorString = '';
    unset($SQP_errorString);
}

/**
 * Get the contents of the error variable for the SQL parser
 *
 * @return string Error string from SQL parser
 *
 * @access public
 */
function PMA_SQP_getErrorString()
{
    global $SQP_errorString;
    return isset($SQP_errorString) ? $SQP_errorString : '';
}

/**
 * Check if the SQL parser hit an error
 *
 * @return boolean error state
 *
 * @access public
 */
function PMA_SQP_isError()
{
    global $SQP_errorString;
    return isset($SQP_errorString) && !empty($SQP_errorString);
}

/**
 * Set an error message for the system
 *
 * @param string $message The error message
 * @param string $sql     The failing SQL query
 *
 * @return void
 *
 * @access private
 * @scope SQL Parser internal
 */
function PMA_SQP_throwError($message, $sql)
{
    global $SQP_errorString;
    $SQP_errorString = '<p>'
        . __(
            'There seems to be an error in your SQL query. The MySQL server '
            . 'error output below, if there is any, may also help you in '
            . 'diagnosing the problem.'
        )
        . '</p>' . "\n"
        . '<pre>' . "\n"
        . 'ERROR: ' . $message . "\n"
        . 'SQL: ' . htmlspecialchars($sql) .  "\n"
        . '</pre>' . "\n";

} // end of the "PMA_SQP_throwError()" function


/**
 * Do display the bug report
 *
 * @param string $message The error message
 * @param string $sql     The failing SQL query
 *
 * @return void
 *
 * @access public
 */
function PMA_SQP_bug($message, $sql)
{
    global $SQP_errorString;
    $debugstr = 'ERROR: ' . $message . "\n";
    $debugstr .= 'MySQL: ' . PMA_MYSQL_STR_VERSION . "\n";
    $debugstr .= 'USR OS, AGENT, VER: ' . PMA_USR_OS . ' ';
    $debugstr .= PMA_USR_BROWSER_AGENT . ' ' . PMA_USR_BROWSER_VER . "\n";
    $debugstr .= 'PMA: ' . PMA_VERSION . "\n";
    $debugstr .= 'PHP VER,OS: ' . PMA_PHP_STR_VERSION . ' ' . PHP_OS . "\n";
    $debugstr .= 'LANG: ' . $GLOBALS['lang'] . "\n";
    $debugstr .= 'SQL: ' . htmlspecialchars($sql);

    $encodedstr     = $debugstr;
    if (@function_exists('gzcompress')) {
        $encodedstr = gzcompress($debugstr, 9);
    }
    $encodedstr     = preg_replace(
        "/(\015\012)|(\015)|(\012)/",
        '<br />' . "\n",
        chunk_split(base64_encode($encodedstr))
    );

    $SQP_errorString .= __(
        'There is a chance that you may have found a bug in the SQL parser. '
        . 'Please examine your query closely, and check that the quotes are '
        . 'correct and not mis-matched. Other possible failure causes may be '
        . 'that you are uploading a file with binary outside of a quoted text '
        . 'area. You can also try your query on the MySQL command line '
        . 'interface. The MySQL server error output below, if there is any, '
        . 'may also help you in diagnosing the problem. If you still have '
        . 'problems or if the parser fails where the command line interface '
        . 'succeeds, please reduce your SQL query input to the single query '
        . 'that causes problems, and submit a bug report with the data chunk '
        . 'in the CUT section below:'
    );
    $SQP_errorString .=  '<br />' . "\n"
        . '----' . __('BEGIN CUT') . '----' . '<br />' . "\n"
        . $encodedstr . "\n"
        . '----' . __('END CUT') . '----' . '<br />' . "\n";

    $SQP_errorString .= '----' . __('BEGIN RAW') . '----<br />' . "\n"
        . '<pre>' . "\n"
        . $debugstr
        . '</pre>' . "\n"
        . '----' . __('END RAW') . '----<br />' . "\n";

} // end of the "PMA_SQP_bug()" function


/**
 * Parses the SQL queries
 *
 * @param string $sql The SQL query list
 *
 * @return mixed Most of times, nothing...
 *
 * @global array    The current PMA configuration
 * @global array    MySQL column attributes
 * @global array    MySQL reserved words
 * @global array    MySQL column types
 * @global array    MySQL function names
 * @global array    List of available character sets
 * @global array    List of available collations
 *
 * @access public
 */
function PMA_SQP_parse($sql)
{
    static $PMA_SQPdata_column_attrib, $PMA_SQPdata_reserved_word;
    static $PMA_SQPdata_column_type;
    static $PMA_SQPdata_function_name, $PMA_SQPdata_forbidden_word;
    global $mysql_charsets, $mysql_collations_flat;

    /** @var PMA_String $pmaString */
    $pmaString = $GLOBALS['PMA_String'];

    // Convert all line feeds to Unix style
    $sql = str_replace("\r\n", "\n", $sql);
    $sql = str_replace("\r", "\n", $sql);

    $len = /*overload*/mb_strlen($sql);
    if ($len == 0) {
        return array();
    }

    // Create local hashtables
    if (!isset($PMA_SQPdata_column_attrib)) {
        $PMA_SQPdata_column_attrib  = array_flip(
            $GLOBALS['PMA_SQPdata_column_attrib']
        );
        $PMA_SQPdata_function_name  = array_flip(
            $GLOBALS['PMA_SQPdata_function_name']
        );
        $PMA_SQPdata_reserved_word  = array_flip(
            $GLOBALS['PMA_SQPdata_reserved_word']
        );
        $PMA_SQPdata_forbidden_word = array_flip(
            $GLOBALS['PMA_SQPdata_forbidden_word']
        );
        $PMA_SQPdata_column_type    = array_flip(
            $GLOBALS['PMA_SQPdata_column_type']
        );
    }

    $sql_array               = array();
    $sql_array['raw']        = $sql;
    $count2                  = 0;
    $punct_queryend          = ';';
    $punct_qualifier         = '.';
    $punct_listsep           = ',';
    $bracket_list            = '()[]{}';
    $allpunct_list           =  '-,;:!?/.^~\*&%+<=>|';
    $allpunct_list_pair      = array(
        '!=' => 1,
        '&&' => 1,
        ':=' => 1,
        '<<' => 1,
        '<=' => 1,
        '<=>' => 1,
        '<>' => 1,
        '>=' => 1,
        '>>' => 1,
        '||' => 1,
        '==' => 1
    );
    $quote_list              = '\'"`';
    $arraysize               = 0;

    $this_was_space       = false;
    $this_was_bracket     = false;
    $this_was_punct       = false;
    $this_was_listsep     = false;
    $this_was_quote       = false;

    while ($count2 < $len) {
        $c      = /*overload*/mb_substr($sql, $count2, 1);
        $count1 = $count2;

        $previous_was_space = $this_was_space;
        $this_was_space = false;
        $previous_was_bracket = $this_was_bracket;
        $this_was_bracket = false;
        $previous_was_punct = $this_was_punct;
        $this_was_punct = false;
        $previous_was_listsep = $this_was_listsep;
        $this_was_listsep = false;
        $previous_was_quote = $this_was_quote;
        $this_was_quote = false;

        if (($c === "\n")) {
            $this_was_space = true;
            $count2++;
            PMA_SQP_arrayAdd($sql_array, 'white_newline', "\n", $arraysize, $count2);
            continue;
        }

        // Checks for white space
        if ($pmaString->isSpace($c)) {
            $this_was_space = true;
            $count2++;
            continue;
        }

        // Checks for comment lines.
        // MySQL style #
        // C style /* */
        // ANSI style --
        $next_c = /*overload*/mb_substr($sql, $count2 + 1, 1);
        if (($c == '#')
            || (($count2 + 1 < $len) && ($c == '/') && ($next_c == '*'))
            || (($count2 + 2 == $len) && ($c == '-') && ($next_c == '-'))
            || (($count2 + 2 < $len) && ($c == '-') && ($next_c == '-')
            && ((/*overload*/mb_substr($sql, $count2 + 2, 1) <= ' ')))
        ) {
            $count2++;
            $pos  = 0;
            $type = 'bad';
            switch ($c) {
            case '#':
                $type = 'mysql';
                $pos  = /*overload*/mb_strpos($sql, "\n", $count2);
                break;
            case '-':
                $type = 'ansi';
                $pos  = /*overload*/mb_strpos($sql, "\n", $count2);
                break;
            case '/':
                $type = 'c';
                $pos  = /*overload*/mb_strpos($sql, '*/', $count2);
                $pos  += 2;
                break;
            default:
                break;
            } // end switch
            $count2 = ($pos < $count2) ? $len : $pos;
            $str    = /*overload*/mb_substr(
                $sql, $count1, $count2 - $count1
            );
            PMA_SQP_arrayAdd(
                $sql_array, 'comment_' . $type, $str, $arraysize, $count2
            );
            continue;
        } // end if

        // Checks for something inside quotation marks
        if (/*overload*/mb_strpos($quote_list, $c) !== false) {
            $startquotepos   = $count2;
            $quotetype       = $c;
            $count2++;
            $pos             = $count2;
            do {
                $oldpos = $pos;
                $pos    = /*overload*/mb_strpos(
                    ' ' . $sql, $quotetype, $oldpos + 1
                ) - 1;
                // ($pos === false)
                if ($pos < 0) {
                    if ($c != '`') {
                        $debugstr = __('Unclosed quote')
                            . ' @ ' . $startquotepos . "\n"
                            . 'STR: ' . htmlspecialchars($quotetype);
                        PMA_SQP_throwError($debugstr, $sql);
                        return $sql_array;
                    }

                    /*
                     * Behave same as MySQL and accept end of query as end
                     * of backtick.
                     * I know this is sick, but MySQL behaves like this:
                     *
                     * SELECT * FROM `table
                     *
                     * is treated like
                     *
                     * SELECT * FROM `table`
                     */
                    $pos_quote_separator = /*overload*/mb_strpos(
                        ' ' . $sql, $GLOBALS['sql_delimiter'], $oldpos + 1
                    ) - 1;
                    if ($pos_quote_separator < 0) {
                        $len += 1;
                        $sql .= '`';
                        $sql_array['raw'] .= '`';
                        $pos = $len;
                    } else {
                        $len += 1;
                        $sql = /*overload*/mb_substr(
                            $sql, 0, $pos_quote_separator
                        ) . '`' . /*overload*/mb_substr(
                            $sql, $pos_quote_separator
                        );
                        $sql_array['raw'] = $sql;
                        $pos = $pos_quote_separator;
                    }
                    if (class_exists('PMA_Message')
                        && $GLOBALS['is_ajax_request'] != true
                    ) {
                        PMA_Message::notice(
                            __('Automatically appended backtick to the end of query!')
                        )->display();
                    }
                }

                // If the quote is the first character, it can't be
                // escaped, so don't do the rest of the code
                if ($pos == 0) {
                    break;
                }

                // Checks for MySQL escaping using a \
                // And checks for ANSI escaping using the $quotetype character
                if (($pos < $len)
                    && $pmaString->charIsEscaped($sql, $pos)
                    && $c != '`'
                ) {
                    $pos ++;
                    continue;
                } elseif (($pos + 1 < $len)
                    && (/*overload*/mb_substr($sql, $pos, 1) == $quotetype)
                    && (/*overload*/mb_substr($sql, $pos + 1, 1) == $quotetype)
                ) {
                    $pos = $pos + 2;
                    continue;
                } else {
                    break;
                }
            } while ($len > $pos); // end do

            $count2       = $pos;
            $count2++;
            $type         = 'quote_';
            switch ($quotetype) {
            case '\'':
                $type .= 'single';
                $this_was_quote = true;
                break;
            case '"':
                $type .= 'double';
                $this_was_quote = true;
                break;
            case '`':
                $type .= 'backtick';
                $this_was_quote = true;
                break;
            default:
                break;
            } // end switch
            $data = /*overload*/mb_substr($sql, $count1, $count2 - $count1);
            PMA_SQP_arrayAdd($sql_array, $type, $data, $arraysize, $count2);
            continue;
        }

        // Checks for brackets
        if (/*overload*/mb_strpos($bracket_list, $c) !== false) {
            // All bracket tokens are only one item long
            $this_was_bracket = true;
            $count2++;
            if (/*overload*/mb_strpos('([{', $c) !== false) {
                $type_type = 'open';
            } else {
                $type_type = 'close';
            }

            if (/*overload*/mb_strpos('()', $c) !== false) {
                $type_style = 'round';
            } elseif (/*overload*/mb_strpos('[]', $c) !== false) {
                $type_style = 'square';
            } else {
                $type_style = 'curly';
            }

            $type = 'punct_bracket_' . $type_type . '_' . $type_style;
            PMA_SQP_arrayAdd($sql_array, $type, $c, $arraysize, $count2);
            continue;
        }

        /* DEBUG
        echo '<pre>1';
        var_dump($pmaString->isSqlIdentifier($c, false));
        var_dump($c == '@');
        var_dump($c == '.');
        var_dump(
            $pmaString->isDigit(
                $pmaString->substr($sql, $count2 + 1, 1)
            )
        );
        var_dump($previous_was_space);
        var_dump($previous_was_bracket);
        var_dump($previous_was_listsep);
        echo '</pre>';
        */

        // Checks for identifier (alpha or numeric)
        if ($pmaString->isSqlIdentifier($c, false)
            || $c == '@'
            || ($c == '.'
            && $pmaString->isDigit(/*overload*/mb_substr($sql, $count2 + 1, 1))
            && ($previous_was_space || $previous_was_bracket
            || $previous_was_listsep))
        ) {
            /* DEBUG
            echo $pmaString->substr($sql, $count2);
            echo '<hr />';
            */

            $count2++;

            /**
             * @todo a @ can also be present in expressions like
             * FROM 'user'@'%' or  TO 'user'@'%'
             * in this case, the @ is wrongly marked as alpha_variable
             */
            $is_identifier           = $previous_was_punct;
            $is_sql_variable         = $c == '@' && ! $previous_was_quote;
            $is_user                 = $c == '@' && $previous_was_quote;
            $is_digit                = (
                !$is_identifier
                && !$is_sql_variable
                && $pmaString->isDigit($c)
            );
            $is_hex_digit            = (
                $is_digit
                && $c == '0'
                && $count2 < $len
                && /*overload*/mb_substr($sql, $count2, 1) == 'x'
            );
            $is_float_digit          = $c == '.';
            $is_float_digit_exponent = false;

            /* DEBUG
            echo '<pre>2';
            var_dump($is_identifier);
            var_dump($is_sql_variable);
            var_dump($is_digit);
            var_dump($is_float_digit);
            echo '</pre>';
             */

            // Fast skip is especially needed for huge BLOB data
            if ($is_hex_digit) {
                $count2++;
                $pos = strspn($sql, '0123456789abcdefABCDEF', $count2);
                if ($pos > $count2) {
                    $count2 = $pos;
                }
                unset($pos);
            } elseif ($is_digit) {
                $pos = strspn($sql, '0123456789', $count2);
                if ($pos > $count2) {
                    $count2 = $pos;
                }
                unset($pos);
            }

            while (($count2 < $len)
                && $pmaString->isSqlIdentifier(
                    /*overload*/mb_substr($sql, $count2, 1),
                    ($is_sql_variable || $is_digit)
                )
            ) {
                $c2 = /*overload*/mb_substr($sql, $count2, 1);
                if ($is_sql_variable && ($c2 == '.')) {
                    $count2++;
                    continue;
                }
                if ($is_digit && (!$is_hex_digit) && ($c2 == '.')) {
                    $count2++;
                    if (!$is_float_digit) {
                        $is_float_digit = true;
                        continue;
                    } else {
                        $debugstr = __('Invalid Identifer')
                            . ' @ ' . ($count1+1) . "\n"
                            . 'STR: ' . htmlspecialchars(
                                /*overload*/mb_substr(
                                    $sql, $count1, $count2 - $count1
                                )
                            );
                        PMA_SQP_throwError($debugstr, $sql);
                        return $sql_array;
                    }
                }
                if ($is_digit
                    && (!$is_hex_digit)
                    && (($c2 == 'e') || ($c2 == 'E'))
                ) {
                    if (!$is_float_digit_exponent) {
                        $is_float_digit_exponent = true;
                        $is_float_digit          = true;
                        $count2++;
                        continue;
                    } else {
                        $is_digit                = false;
                        $is_float_digit          = false;
                    }
                }
                if (($is_hex_digit && $pmaString->isHexDigit($c2))
                    || ($is_digit && $pmaString->isDigit($c2))
                ) {
                    $count2++;
                    continue;
                } else {
                    $is_digit     = false;
                    $is_hex_digit = false;
                }

                $count2++;
            } // end while

            $l    = $count2 - $count1;
            $str  = /*overload*/mb_substr($sql, $count1, $l);

            if ($is_digit || $is_float_digit || $is_hex_digit) {
                $type = 'digit';
                if ($is_float_digit) {
                    $type .= '_float';
                } elseif ($is_hex_digit) {
                    $type .= '_hex';
                } else {
                    $type .= '_integer';
                }
            } elseif ($is_user) {
                $type = 'punct_user';
            } elseif ($is_sql_variable != false) {
                $type = 'alpha_variable';
            } else {
                $type = 'alpha';
            } // end if... else....
            PMA_SQP_arrayAdd($sql_array, $type, $str, $arraysize, $count2);

            continue;
        }

        // Checks for punct
        if (/*overload*/mb_strpos($allpunct_list, $c) !== false) {
            while (($count2 < $len)
                && /*overload*/mb_strpos(
                    $allpunct_list, /*overload*/mb_substr(
                        $sql, $count2, 1
                    )
                ) !== false
            ) {
                $count2++;
            }
            $l = $count2 - $count1;
            if ($l == 1) {
                $punct_data = $c;
            } else {
                $punct_data = /*overload*/mb_substr($sql, $count1, $l);
            }

            // Special case, sometimes, although two characters are
            // adjacent directly, they ACTUALLY need to be separate
            /* DEBUG
            echo '<pre>';
            var_dump($l);
            var_dump($punct_data);
            echo '</pre>';
            */

            if ($l == 1) {
                $t_suffix         = '';
                switch ($punct_data) {
                case $punct_queryend:
                    $t_suffix = '_queryend';
                    break;
                case $punct_qualifier:
                    $t_suffix = '_qualifier';
                    $this_was_punct = true;
                    break;
                case $punct_listsep:
                    $this_was_listsep = true;
                    $t_suffix = '_listsep';
                    break;
                default:
                    break;
                }
                PMA_SQP_arrayAdd(
                    $sql_array, 'punct' . $t_suffix, $punct_data, $arraysize, $count2
                );
            } elseif ($punct_data == $GLOBALS['sql_delimiter']
                || isset($allpunct_list_pair[$punct_data])
            ) {
                // Ok, we have one of the valid combined punct expressions
                PMA_SQP_arrayAdd(
                    $sql_array, 'punct', $punct_data, $arraysize, $count2
                );
            } else {
                // Bad luck, lets split it up more
                $first  = $punct_data[0];
                $last2  = $punct_data[$l - 2] . $punct_data[$l - 1];
                $last   = $punct_data[$l - 1];
                if (($first == ',') || ($first == ';') || ($first == '.')
                    || ($first == '*')
                ) {
                    $count2     = $count1 + 1;
                    $punct_data = $first;
                } elseif (($last2 == '/*')
                    || (($last2 == '--')
                    && ($count2 == $len
                    || /*overload*/mb_substr($sql, $count2, 1) <= ' '))
                ) {
                    $count2     -= 2;
                    $punct_data = /*overload*/mb_substr(
                        $sql, $count1, $count2 - $count1
                    );
                } elseif (($last == '-') || ($last == '+') || ($last == '!')) {
                    $count2--;
                    $punct_data = /*overload*/mb_substr(
                        $sql, $count1, $count2 - $count1
                    );
                } elseif ($last != '~') {
                    /**
                     * @todo for negation operator, split in 2 tokens ?
                     * "select x&~1 from t"
                     * becomes "select x & ~ 1 from t" ?
                     */
                    $debugstr =  __('Unknown Punctuation String')
                        . ' @ ' . ($count1+1) . "\n"
                        . 'STR: ' . htmlspecialchars($punct_data);
                    PMA_SQP_throwError($debugstr, $sql);
                    return $sql_array;
                }
                PMA_SQP_arrayAdd(
                    $sql_array, 'punct', $punct_data, $arraysize, $count2
                );
                continue;
            } // end if... elseif... else
            continue;
        }

        // DEBUG
        $count2++;

        $debugstr = 'C1 C2 LEN: ' . $count1 . ' ' . $count2 . ' ' . $len .  "\n"
            . 'STR: ' . /*overload*/mb_substr(
                $sql, $count1, $count2 - $count1
            ) . "\n";
        PMA_SQP_bug($debugstr, $sql);
        return $sql_array;

    } // end while ($count2 < $len)

    /*
    echo '<pre>';
    print_r($sql_array);
    echo '</pre>';
    */

    if ($arraysize > 0) {
        $t_next           = $sql_array[0]['type'];
        $t_prev           = '';
        $t_cur            = '';
        $d_next           = $sql_array[0]['data'];
        $d_prev           = '';
        $d_cur            = '';
        $d_next_upper     = $t_next == 'alpha'
            ? /*overload*/mb_strtoupper($d_next)
            : $d_next;
        $d_prev_upper     = '';
        $d_cur_upper      = '';
    }

    for ($i = 0; $i < $arraysize; $i++) {
        $t_prev           = $t_cur;
        $t_cur            = $t_next;
        $d_prev           = $d_cur;
        $d_cur            = $d_next;
        $d_bef_prev_upper = $d_prev_upper;
        $d_prev_upper     = $d_cur_upper;
        $d_cur_upper      = $d_next_upper;
        if (($i + 1) < $arraysize) {
            $t_next = $sql_array[$i + 1]['type'];
            $d_next = $sql_array[$i + 1]['data'];
            $d_next_upper
                = $t_next == 'alpha' ? /*overload*/mb_strtoupper($d_next) : $d_next;
        } else {
            $t_next       = '';
            $d_next       = '';
            $d_next_upper = '';
        }

        /* DEBUG
        echo "[prev: <strong>".$d_prev."</strong> ".$t_prev."][cur: <strong>"
            . $d_cur."</strong> ".$t_cur."][next: <strong>".$d_next."</strong> "
            . $t_next."]<br />";
        */

        if ($t_cur == 'alpha') {
            $t_suffix     = '_identifier';
            // for example: `thebit` bit(8) NOT NULL DEFAULT b'0'
            if ($t_prev == 'alpha' && $d_prev == 'DEFAULT' && $d_cur == 'b'
                && $t_next == 'quote_single'
            ) {
                $t_suffix = '_bitfield_constant_introducer';
            } elseif (($t_next == 'punct_qualifier')
                || ($t_prev == 'punct_qualifier')
            ) {
                $t_suffix = '_identifier';
            } elseif (($t_next == 'punct_bracket_open_round')
                && isset($PMA_SQPdata_function_name[$d_cur_upper])
            ) {
                /**
                 * @todo 2005-10-16: in the case of a CREATE TABLE containing
                 * a TIMESTAMP, since TIMESTAMP() is also a function, it's
                 * found here and the token is wrongly marked as alpha_functionName.
                 * But we compensate for this when analysing for timestamp_not_null
                 * later in this script.
                 *
                 * Same applies to CHAR vs. CHAR() function.
                 */
                $t_suffix = '_functionName';
                /* There are functions which might be as well column types */
            } elseif (isset($PMA_SQPdata_column_type[$d_cur_upper])) {
                $t_suffix = '_columnType';

                /**
                 * Temporary fix for bugs #621357 and #2027720
                 *
                 * @todo FIX PROPERLY NEEDS OVERHAUL OF SQL TOKENIZER
                 */
                if (($d_cur_upper == 'SET' || $d_cur_upper == 'BINARY')
                    && $t_next != 'punct_bracket_open_round'
                ) {
                    $t_suffix = '_reservedWord';
                }
                //END OF TEMPORARY FIX

                // CHARACTER is a synonym for CHAR, but can also be meant as
                // CHARACTER SET. In this case, we have a reserved word.
                if ($d_cur_upper == 'CHARACTER' && $d_next_upper == 'SET') {
                    $t_suffix = '_reservedWord';
                }

                // experimental
                // current is a column type, so previous must not be
                // a reserved word but an identifier
                // CREATE TABLE SG_Persons (first varchar(64))

                //if ($sql_array[$i-1]['type'] =='alpha_reservedWord') {
                //    $sql_array[$i-1]['type'] = 'alpha_identifier';
                //}

            } elseif (isset($PMA_SQPdata_reserved_word[$d_cur_upper])) {
                $t_suffix = '_reservedWord';
            } elseif (isset($PMA_SQPdata_column_attrib[$d_cur_upper])) {
                $t_suffix = '_columnAttrib';
                // INNODB is a MySQL table type, but in "SHOW ENGINE INNODB STATUS",
                // it should be regarded as a reserved word.
                if ($d_cur_upper == 'INNODB'
                    && $d_prev_upper == 'SHOW'
                    && $d_next_upper == 'STATUS'
                ) {
                    $t_suffix = '_reservedWord';
                }

                if ($d_cur_upper == 'DEFAULT' && $d_next_upper == 'CHARACTER') {
                    $t_suffix = '_reservedWord';
                }
                // Binary as character set
                if ($d_cur_upper == 'BINARY'
                    && (($d_bef_prev_upper == 'CHARACTER' && $d_prev_upper == 'SET')
                    || ($d_bef_prev_upper == 'SET' && $d_prev_upper == '=')
                    || ($d_bef_prev_upper == 'CHARSET' && $d_prev_upper == '=')
                    || $d_prev_upper == 'CHARSET')
                    && in_array($d_cur, $mysql_charsets)
                ) {
                    $t_suffix = '_charset';
                }
            } elseif (in_array($d_cur, $mysql_charsets)
                || in_array($d_cur, $mysql_collations_flat)
                || ($d_cur{0} == '_'
                && in_array(/*overload*/mb_substr($d_cur, 1), $mysql_charsets))
            ) {
                $t_suffix = '_charset';
            } else {
                // Do nothing
            }
            // check if present in the list of forbidden words
            if ($t_suffix == '_reservedWord'
                && isset($PMA_SQPdata_forbidden_word[$d_cur_upper])
            ) {
                $sql_array[$i]['forbidden'] = true;
            } else {
                $sql_array[$i]['forbidden'] = false;
            }
            $sql_array[$i]['type'] .= $t_suffix;
        }
    } // end for

    // Stores the size of the array inside the array, as count() is a slow
    // operation.
    $sql_array['len'] = $arraysize;

    // DEBUG echo 'After parsing<pre>'; print_r($sql_array); echo '</pre>';
    // Sends the data back
    return $sql_array;
} // end of the "PMA_SQP_parse()" function

/**
 * Checks for token types being what we want...
 *
 * @param string $toCheck    String of type that we have
 * @param string $whatWeWant String of type that we want
 *
 * @return boolean result of check
 *
 * @access private
 */
function PMA_SQP_typeCheck($toCheck, $whatWeWant)
{
    $typeSeparator = '_';
    if (strcmp($whatWeWant, $toCheck) == 0) {
        return true;
    }

    if (/*overload*/mb_strpos($whatWeWant, $typeSeparator) !== false) {
        return false;
    }

    return strncmp(
        $whatWeWant, $toCheck,
        /*overload*/mb_strpos($toCheck, $typeSeparator)
    ) == 0;
}


/**
 * Analyzes SQL queries
 *
 * @param array $arr The SQL queries
 *
 * @return array   The analyzed SQL queries
 *
 * @access public
 */
function PMA_SQP_analyze($arr)
{
    if ($arr == array() || ! isset($arr['len'])) {
        return array();
    }
    $result          = array();
    $size            = $arr['len'];
    $subresult       = array(
        'querytype'      => '',
        // the whole stuff between SELECT and FROM , except DISTINCT
        'select_expr_clause'=> '',
        'position_of_first_select' => '', // the array index
        'from_clause'=> '',
        'group_by_clause'=> '',
        'order_by_clause'=> '',
        'having_clause'  => '',
        'limit_clause'  => '',
        'where_clause'   => '',
        'where_clause_identifiers'   => array(),
        'unsorted_query' => '',
        'queryflags'     => array(),
        'select_expr'    => array(),
        'table_ref'      => array(),
        'foreign_keys'   => array(),
        'create_table_fields' => array()
    );
    $subresult_empty = $subresult;
    $seek_queryend         = false;
    $seen_end_of_table_ref = false;
    $number_of_brackets_in_extract = 0;
    $number_of_brackets_in_group_concat = 0;

    $number_of_brackets = 0;
    $in_subquery = false;
    $seen_subquery = false;
    $seen_from = false;

    // for SELECT EXTRACT(YEAR_MONTH FROM CURDATE())
    // we must not use CURDATE as a table_ref
    // so we track whether we are in the EXTRACT()
    $in_extract          = false;

    // for GROUP_CONCAT(...)
    $in_group_concat     = false;

    /* Description of analyzer results
     *
     * db, table, column, alias
     * ------------------------
     *
     * Inside the $subresult array, we create ['select_expr'] and ['table_ref']
     * arrays.
     *
     * The SELECT syntax (simplified) is
     *
     * SELECT
     *    select_expression,...
     *    [FROM [table_references]
     *
     *
     * ['select_expr'] is filled with each expression, the key represents the
     * expression position in the list (0-based) (so we don't lose track of
     * multiple occurrences of the same column).
     *
     * ['table_ref'] is filled with each table ref, same thing for the key.
     *
     * I create all sub-values empty, even if they are
     * not present (for example no select_expression alias).
     *
     * There is a debug section at the end of loop #1, if you want to
     * see the exact contents of select_expr and table_ref
     *
     * queryflags
     * ----------
     *
     * In $subresult, array 'queryflags' is filled, according to what we
     * find in the query.
     *
     * Currently, those are generated:
     *
     * ['queryflags']['select_from'] = 1;  if this is a real SELECT...FROM
     * ['queryflags']['drop_database'] = 1;if this is a DROP DATABASE
     * ['queryflags']['reload'] = 1;       for the purpose of reloading the
     *                                     navigation bar
     * ['queryflags']['distinct'] = 1;     for a DISTINCT
     * ['queryflags']['union'] = 1;        for a UNION
     * ['queryflags']['join'] = 1;         for a JOIN
     * ['queryflags']['offset'] = 1;       for the presence of OFFSET
     * ['queryflags']['procedure'] = 1;    for the presence of PROCEDURE
     * ['queryflags']['is_explain'] = 1;   for the presence of EXPLAIN
     * ['queryflags']['is_delete'] = 1;    for the presence of DELETE
     * ['queryflags']['is_affected'] = 1;  for the presence of UPDATE, DELETE
     *                                     or INSERT|LOAD DATA|REPLACE
     * ['queryflags']['is_replace'] = 1;   for the presence of REPLACE
     * ['queryflags']['is_insert'] = 1;    for the presence of INSERT
     * ['queryflags']['is_maint'] = 1;     for the presence of CHECK|ANALYZE
     *                                     |REPAIR|OPTIMIZE TABLE
     * ['queryflags']['is_show'] = 1;      for the presence of SHOW
     * ['queryflags']['is_analyse'] = 1;   for the presence of PROCEDURE ANALYSE
     * ['queryflags']['is_export'] = 1;    for the presence of INTO OUTFILE
     * ['queryflags']['is_group'] = 1;     for the presence of GROUP BY|HAVING|
     *                                     SELECT DISTINCT
     * ['queryflags']['is_func'] = 1;      for the presence of SUM|AVG|STD|STDDEV
     *                                     |MIN|MAX|BIT_OR|BIT_AND
     * ['queryflags']['is_count'] = 1;     for the presence of SELECT COUNT
     * ['queryflags']['is_procedure'] = 1; for the presence of CALL
     * ['queryflags']['is_subquery'] = 1;  contains a subquery
     *
     * query clauses
     * -------------
     *
     * The select is split in those clauses:
     * ['select_expr_clause']
     * ['from_clause']
     * ['group_by_clause']
     * ['order_by_clause']
     * ['having_clause']
     * ['limit_clause']
     * ['where_clause']
     *
     * The identifiers of the WHERE clause are put into the array
     * ['where_clause_identifier']
     *
     * For a SELECT, the whole query without the ORDER BY clause is put into
     * ['unsorted_query']
     *
     * foreign keys
     * ------------
     * The CREATE TABLE may contain FOREIGN KEY clauses, so they get
     * analyzed and ['foreign_keys'] is an array filled with
     * the constraint name, the index list,
     * the REFERENCES table name and REFERENCES index list,
     * and ON UPDATE | ON DELETE clauses
     *
     * position_of_first_select
     * ------------------------
     *
     * The array index of the first SELECT we find. Will be used to
     * insert a SQL_CALC_FOUND_ROWS.
     *
     * create_table_fields
     * -------------------
     *
     * Used to detect the DEFAULT CURRENT_TIMESTAMP and
     * ON UPDATE CURRENT_TIMESTAMP clauses of the CREATE TABLE query.
     * Also used to store the default value of the field.
     * An array, each element is the identifier name.
     * Note that for now, the timestamp_not_null element is created
     * even for non-TIMESTAMP fields.
     *
     * Sub-elements: ['type'] which contains the column type
     *               optional (currently they are never false but can be absent):
     *               ['default_current_timestamp'] boolean
     *               ['on_update_current_timestamp'] boolean
     *               ['timestamp_not_null'] boolean
     *
     * section_before_limit, section_after_limit
     * -----------------------------------------
     *
     * Marks the point of the query where we can insert a LIMIT clause;
     * so the section_before_limit will contain the left part before
     * a possible LIMIT clause
     *
     *
     * End of description of analyzer results
     */

    // must be sorted
    // TODO: current logic checks for only one word, so I put only the
    // first word of the reserved expressions that end a table ref;
    // maybe this is not ok (the first word might mean something else)
    //        $words_ending_table_ref = array(
    //            'FOR UPDATE',
    //            'GROUP BY',
    //            'HAVING',
    //            'LIMIT',
    //            'LOCK IN SHARE MODE',
    //            'ORDER BY',
    //            'PROCEDURE',
    //            'UNION',
    //            'WHERE'
    //        );
    $words_ending_table_ref = array(
        'FOR' => 1,
        'GROUP' => 1,
        'HAVING' => 1,
        'LIMIT' => 1,
        'LOCK' => 1,
        'ORDER' => 1,
        'PROCEDURE' => 1,
        'UNION' => 1,
        'WHERE' => 1
    );

    $words_ending_clauses = array(
        'FOR' => 1,
        'LIMIT' => 1,
        'LOCK' => 1,
        'PROCEDURE' => 1,
        'UNION' => 1
    );

    $supported_query_types = array(
        'SELECT' => 1,
        /*
        // Support for these additional query types will come later on.
        'DELETE' => 1,
        'INSERT' => 1,
        'REPLACE' => 1,
        'TRUNCATE' => 1,
        'UPDATE' => 1,
        'EXPLAIN' => 1,
        'DESCRIBE' => 1,
        'SHOW' => 1,
        'CREATE' => 1,
        'SET' => 1,
        'ALTER' => 1
        */
    );

    // loop #1 for each token: select_expr, table_ref for SELECT

    for ($i = 0; $i < $size; $i++) {
        //DEBUG echo "Loop1 <strong>"  . $arr[$i]['data']
        //. "</strong> (" . $arr[$i]['type'] . ")<br />";

        // High speed seek for locating the end of the current query
        if ($seek_queryend == true) {
            if ($arr[$i]['type'] == 'punct_queryend') {
                $seek_queryend = false;
            } else {
                continue;
            } // end if (type == punct_queryend)
        } // end if ($seek_queryend)

        /**
         * Note: do not split if this is a punct_queryend for the first and only
         * query
         * @todo when we find a UNION, should we split in another subresult?
         */
        if ($arr[$i]['type'] == 'punct_queryend' && ($i + 1 != $size)) {
            $result[]  = $subresult;
            $subresult = $subresult_empty;
            continue;
        } // end if (type == punct_queryend)

        // ==============================================================
        if ($arr[$i]['type'] == 'punct_bracket_open_round') {
            $number_of_brackets++;
            if ($in_extract) {
                $number_of_brackets_in_extract++;
            }
            if ($in_group_concat) {
                $number_of_brackets_in_group_concat++;
            }
        }
        // ==============================================================
        if ($arr[$i]['type'] == 'punct_bracket_close_round') {
            $number_of_brackets--;
            if ($number_of_brackets == 0) {
                $in_subquery = false;
            }
            if ($in_extract) {
                $number_of_brackets_in_extract--;
                if ($number_of_brackets_in_extract == 0) {
                    $in_extract = false;
                }
            }
            if ($in_group_concat) {
                $number_of_brackets_in_group_concat--;
                if ($number_of_brackets_in_group_concat == 0) {
                    $in_group_concat = false;
                }
            }
        }

        if ($in_subquery) {
            /**
             * skip the subquery to avoid setting
             * select_expr or table_ref with the contents
             * of this subquery; this is to avoid a bug when
             * trying to edit the results of
             * select * from child where not exists (select id from
             * parent where child.parent_id = parent.id);
             */
            continue;
        }
        // ==============================================================
        if ($arr[$i]['type'] == 'alpha_functionName') {
            $upper_data = /*overload*/mb_strtoupper($arr[$i]['data']);
            if ($upper_data =='EXTRACT') {
                $in_extract = true;
                $number_of_brackets_in_extract = 0;
            }
            if ($upper_data =='GROUP_CONCAT') {
                $in_group_concat = true;
                $number_of_brackets_in_group_concat = 0;
            }
        }

        // ==============================================================
        if ($arr[$i]['type'] == 'alpha_reservedWord') {
            // We don't know what type of query yet, so run this
            if ($subresult['querytype'] == '') {
                $subresult['querytype'] = /*overload*/mb_strtoupper(
                    $arr[$i]['data']
                );
            } // end if (querytype was empty)

            // Check if we support this type of query
            if (!isset($supported_query_types[$subresult['querytype']])) {
                // Skip ahead to the next one if we don't
                $seek_queryend = true;
                continue;
            } // end if (query not supported)

            // upper once
            $upper_data = /*overload*/mb_strtoupper($arr[$i]['data']);
            /**
             * @todo reset for each query?
             */

            if ($upper_data == 'SELECT') {
                if ($number_of_brackets > 0) {
                    $in_subquery = true;
                    $seen_subquery = true;
                    $subresult['queryflags']['is_subquery'] = 1;
                    // this is a subquery so do not analyze inside it
                    continue;
                }
                $seen_from = false;
                $previous_was_identifier = false;
                $current_select_expr = -1;
                $seen_end_of_table_ref = false;
            } // end if (data == SELECT)

            if ($upper_data =='FROM' && !$in_extract) {
                $current_table_ref = -1;
                $seen_from = true;
                $previous_was_identifier = false;
                $save_table_ref = true;
            } // end if (data == FROM)

            // here, do not 'continue' the loop, as we have more work for
            // reserved words below
        } // end if (type == alpha_reservedWord)

        // ==============================
        if ($arr[$i]['type'] == 'quote_backtick'
            || $arr[$i]['type'] == 'quote_double'
            || $arr[$i]['type'] == 'quote_single'
            || $arr[$i]['type'] == 'alpha_identifier'
            || ($arr[$i]['type'] == 'alpha_reservedWord'
            && $arr[$i]['forbidden'] == false)
        ) {
            switch ($arr[$i]['type']) {
            case 'alpha_identifier':
            case 'alpha_reservedWord':
                /**
                 * this is not a real reservedWord, because it's not
                 * present in the list of forbidden words, for example
                 * "storage" which can be used as an identifier
                 *
                 */
                $identifier = $arr[$i]['data'];
                break;

            case 'quote_backtick':
            case 'quote_double':
            case 'quote_single':
                $identifier = PMA_Util::unQuote($arr[$i]['data']);
                break;
            } // end switch

            if ($subresult['querytype'] == 'SELECT'
                && ! $in_group_concat
                && ! ($seen_subquery
                && $arr[$i - 1]['type'] == 'punct_bracket_close_round')
            ) {
                if (!$seen_from) {
                    if ($previous_was_identifier && isset($chain)) {
                        // found alias for this select_expr, save it
                        // but only if we got something in $chain
                        // (for example, SELECT COUNT(*) AS cnt
                        // puts nothing in $chain, so we avoid
                        // setting the alias)
                        $alias_for_select_expr = $identifier;
                    } else {
                        if (! isset($chain)) {
                            $chain = array();
                        }
                        $chain[] = $identifier;
                        $previous_was_identifier = true;

                    } // end if !$previous_was_identifier
                } else {
                    // ($seen_from)
                    if ($save_table_ref && !$seen_end_of_table_ref) {
                        if ($previous_was_identifier) {
                            // found alias for table ref
                            // save it for later
                            $alias_for_table_ref = $identifier;
                        } else {
                            if (! isset($chain)) {
                                $chain = array();
                            }
                            $chain[] = $identifier;
                            $previous_was_identifier = true;

                        } // end if ($previous_was_identifier)
                    } // end if ($save_table_ref &&!$seen_end_of_table_ref)
                } // end if (!$seen_from)
            } // end if (querytype SELECT)
        } // end if (quote_backtick or double quote or alpha_identifier)

        // ===================================
        if ($arr[$i]['type'] == 'punct_qualifier') {
            // to be able to detect an identifier following another
            $previous_was_identifier = false;
            continue;
        } // end if (punct_qualifier)

        /**
         * @todo check if 3 identifiers following one another -> error
         */

        //    s a v e    a    s e l e c t    e x p r
        // finding a list separator or FROM
        // means that we must save the current chain of identifiers
        // into a select expression

        // for now, we only save a select expression if it contains
        // at least one identifier, as we are interested in checking
        // the columns and table names, so in "select * from persons",
        // the "*" is not saved

        if (isset($chain) && !$seen_end_of_table_ref
            && ((!$seen_from && $arr[$i]['type'] == 'punct_listsep')
            || ($arr[$i]['type'] == 'alpha_reservedWord' && $upper_data == 'FROM'))
        ) {
            $size_chain = count($chain);
            $current_select_expr++;
            $subresult['select_expr'][$current_select_expr] = array(
              'expr' => '',
              'alias' => '',
              'db'   => '',
              'table_name' => '',
              'table_true_name' => '',
              'column' => ''
             );

            if (isset($alias_for_select_expr)
                && /*overload*/mb_strlen($alias_for_select_expr)
            ) {
                // we had found an alias for this select expression
                $subresult['select_expr'][$current_select_expr]['alias']
                    = $alias_for_select_expr;
                unset($alias_for_select_expr);
            }
            // there is at least a column
            $subresult['select_expr'][$current_select_expr]['column']
                = $chain[$size_chain - 1];
            $subresult['select_expr'][$current_select_expr]['expr']
                = $chain[$size_chain - 1];

            // maybe a table
            if ($size_chain > 1) {
                $subresult['select_expr'][$current_select_expr]['table_name']
                    = $chain[$size_chain - 2];
                // we assume for now that this is also the true name
                $subresult['select_expr'][$current_select_expr]['table_true_name']
                    = $chain[$size_chain - 2];
                $subresult['select_expr'][$current_select_expr]['expr']
                    = $subresult['select_expr'][$current_select_expr]['table_name']
                    . '.' . $subresult['select_expr'][$current_select_expr]['expr'];
            } // end if ($size_chain > 1)

            // maybe a db
            if ($size_chain > 2) {
                $subresult['select_expr'][$current_select_expr]['db']
                    = $chain[$size_chain - 3];
                $subresult['select_expr'][$current_select_expr]['expr']
                    = $subresult['select_expr'][$current_select_expr]['db']
                    . '.' . $subresult['select_expr'][$current_select_expr]['expr'];
            } // end if ($size_chain > 2)
            unset($chain);

            /**
             * @todo explain this:
             */
            if (($arr[$i]['type'] == 'alpha_reservedWord')
                && ($upper_data != 'FROM')
            ) {
                $previous_was_identifier = true;
            }

        } // end if (save a select expr)

        //======================================
        //    s a v e    a    t a b l e    r e f
        //======================================

        // maybe we just saw the end of table refs
        // but the last table ref has to be saved
        // or we are at the last token
        // or we just got a reserved word
        /**
         * @todo there could be another query after this one
         */

        if (isset($chain) && $seen_from && $save_table_ref
            && ($arr[$i]['type'] == 'punct_listsep'
            || ($arr[$i]['type'] == 'alpha_reservedWord' && $upper_data != "AS")
            || $seen_end_of_table_ref
            || $i == $size - 1)
        ) {

            $size_chain = count($chain);
            $current_table_ref++;
            $subresult['table_ref'][$current_table_ref] = array(
              'expr'            => '',
              'db'              => '',
              'table_name'      => '',
              'table_alias'     => '',
              'table_true_name' => ''
             );
            if (isset($alias_for_table_ref)
                && /*overload*/mb_strlen($alias_for_table_ref)
            ) {
                $subresult['table_ref'][$current_table_ref]['table_alias']
                    = $alias_for_table_ref;
                unset($alias_for_table_ref);
            }
            $subresult['table_ref'][$current_table_ref]['table_name']
                = $chain[$size_chain - 1];
            // we assume for now that this is also the true name
            $subresult['table_ref'][$current_table_ref]['table_true_name']
                = $chain[$size_chain - 1];
            $subresult['table_ref'][$current_table_ref]['expr']
                = $subresult['table_ref'][$current_table_ref]['table_name'];
            // maybe a db
            if ($size_chain > 1) {
                $subresult['table_ref'][$current_table_ref]['db']
                    = $chain[$size_chain - 2];
                $subresult['table_ref'][$current_table_ref]['expr']
                    = $subresult['table_ref'][$current_table_ref]['db']
                    . '.' . $subresult['table_ref'][$current_table_ref]['expr'];
            } // end if ($size_chain > 1)

            // add the table alias into the whole expression
            $subresult['table_ref'][$current_table_ref]['expr']
             .= ' ' . $subresult['table_ref'][$current_table_ref]['table_alias'];

            unset($chain);
            $previous_was_identifier = true;
            //continue;

        } // end if (save a table ref)

        // when we have found all table refs,
        // for each table_ref alias, put the true name of the table
        // in the corresponding select expressions

        if (isset($current_table_ref)
            && ($seen_end_of_table_ref || $i == $size-1)
            && $subresult != $subresult_empty
        ) {
            for ($tr=0; $tr <= $current_table_ref; $tr++) {
                $alias = $subresult['table_ref'][$tr]['table_alias'];
                $truename = $subresult['table_ref'][$tr]['table_true_name'];
                for ($se=0; $se <= $current_select_expr; $se++) {
                    if (isset($alias)
                        && /*overload*/mb_strlen($alias)
                        && $subresult['select_expr'][$se]['table_true_name'] == $alias
                    ) {
                        $subresult['select_expr'][$se]['table_true_name']
                            = $truename;
                    } // end if (found the alias)
                } // end for (select expressions)

            } // end for (table refs)
        } // end if (set the true names)

        // e n d i n g    l o o p  #1
        // set the $previous_was_identifier to false if the current
        // token is not an identifier
        if (($arr[$i]['type'] != 'alpha_identifier')
            && ($arr[$i]['type'] != 'quote_double')
            && ($arr[$i]['type'] != 'quote_single')
            && ($arr[$i]['type'] != 'quote_backtick')
        ) {
            $previous_was_identifier = false;
        } // end if

        // however, if we are on AS, we must keep the $previous_was_identifier
        if (($arr[$i]['type'] == 'alpha_reservedWord')
            && ($upper_data == 'AS')
        ) {
            $previous_was_identifier = true;
        }

        if (($arr[$i]['type'] == 'alpha_reservedWord')
            && ($upper_data =='ON' || $upper_data =='USING')
        ) {
            $save_table_ref = false;
        } // end if (data == ON)

        if (($arr[$i]['type'] == 'alpha_reservedWord')
            && ($upper_data =='JOIN' || $upper_data =='FROM')
        ) {
            $save_table_ref = true;
        } // end if (data == JOIN)

        /**
         * no need to check the end of table ref if we already did
         *
         * @todo maybe add "&& $seen_from"
         */
        if (!$seen_end_of_table_ref) {
            // if this is the last token, it implies that we have
            // seen the end of table references
            // Check for the end of table references
            //
            // Note: if we are analyzing a GROUP_CONCAT clause,
            // we might find a word that seems to indicate that
            // we have found the end of table refs (like ORDER)
            // but it's a modifier of the GROUP_CONCAT so
            // it's not the real end of table refs
            if (($i == $size-1)
                || ($arr[$i]['type'] == 'alpha_reservedWord'
                && !$in_group_concat
                && isset($words_ending_table_ref[$upper_data]))
            ) {
                $seen_end_of_table_ref = true;
                // to be able to save the last table ref, but do not
                // set it true if we found a word like "ON" that has
                // already set it to false
                if (isset($save_table_ref) && $save_table_ref != false) {
                    $save_table_ref = true;
                } //end if

            } // end if (check for end of table ref)
        } //end if (!$seen_end_of_table_ref)

        if ($seen_end_of_table_ref) {
            $save_table_ref = false;
        } // end if

    } // end for $i (loop #1)

    //DEBUG
    /*
      if (isset($current_select_expr)) {
       for ($trace=0; $trace<=$current_select_expr; $trace++) {
           echo "<br />";
           reset ($subresult['select_expr'][$trace]);
           while (list ($key, $val) = each ($subresult['select_expr'][$trace]))
               echo "sel expr $trace $key => $val<br />\n";
           }
      }

      if (isset($current_table_ref)) {
       echo "current_table_ref = " . $current_table_ref . "<br>";
       for ($trace=0; $trace<=$current_table_ref; $trace++) {

           echo "<br />";
           reset ($subresult['table_ref'][$trace]);
           while (list ($key, $val) = each ($subresult['table_ref'][$trace]))
           echo "table ref $trace $key => $val<br />\n";
           }
      }
    */
    // -------------------------------------------------------

    // loop #2: - queryflags
    //          - querytype (for queries != 'SELECT')
    //          - section_before_limit, section_after_limit
    //
    // we will also need this queryflag in loop 2
    // so set it here
    if (isset($current_table_ref) && $current_table_ref > -1) {
        $subresult['queryflags']['select_from'] = 1;
    }

    $section_before_limit = '';
    $section_after_limit = ''; // truly the section after the limit clause
    $seen_reserved_word = false;
    $seen_group = false;
    $seen_order = false;
    $seen_order_by = false;
    $in_group_by = false; // true when we are inside the GROUP BY clause
    $in_order_by = false; // true when we are inside the ORDER BY clause
    $in_having = false; // true when we are inside the HAVING clause
    $in_select_expr = false; // true when we are inside the select expr clause
    $in_where = false; // true when we are inside the WHERE clause
    $seen_limit = false; // true if we have seen a LIMIT clause
    $in_limit = false; // true when we are inside the LIMIT clause
    $after_limit = false; // true when we are after the LIMIT clause
    $in_from = false; // true when we are in the FROM clause
    $in_group_concat = false;
    $first_reserved_word = '';
    $current_identifier = '';
    $unsorted_query = $arr['raw']; // in case there is no ORDER BY
    $number_of_brackets = 0;
    $in_subquery = false;

    $arrayFunctions = array(
        "SUM","AVG","STD","STDDEV","MIN","MAX","BIT_OR","BIT_AND"
    );
    $arrayKeyWords = array("BY", "HAVING", "SELECT");

    for ($i = 0; $i < $size; $i++) {
        //DEBUG echo "Loop2 <strong>"  . $arr[$i]['data']
        //. "</strong> (" . $arr[$i]['type'] . ")<br />";

        if ($arr[$i]['type'] == 'punct_bracket_open_round') {
            $number_of_brackets++;
        }

        if ($arr[$i]['type'] == 'punct_bracket_close_round') {
            $number_of_brackets--;
            if ($number_of_brackets == 0) {
                $in_subquery = false;
            }
        }

        if ($arr[$i]['type'] == 'alpha_reservedWord') {
            $upper_data = /*overload*/mb_strtoupper($arr[$i]['data']);

            if ($upper_data == 'SELECT' && $number_of_brackets > 0) {
                $in_subquery = true;
            }

            if (!$seen_reserved_word) {
                $first_reserved_word = $upper_data;
                $subresult['querytype'] = $upper_data;
                $seen_reserved_word = true;

                if ($first_reserved_word === 'SELECT') {
                    $position_of_first_select = $i;
                } elseif ($first_reserved_word === 'EXPLAIN') {
                    $subresult['queryflags']['is_explain'] = 1;
                } elseif ($first_reserved_word === 'DELETE') {
                    $subresult['queryflags']['is_delete'] = 1;
                    $subresult['queryflags']['is_affected'] = 1;
                } elseif ($first_reserved_word === 'UPDATE') {
                    $subresult['queryflags']['is_affected'] = 1;
                } elseif ($first_reserved_word === 'REPLACE') {
                    $subresult['queryflags']['is_replace'] = 1;
                    $subresult['queryflags']['is_affected'] = 1;
                } elseif ($first_reserved_word === 'INSERT') {
                    $subresult['queryflags']['is_insert'] = 1;
                    $subresult['queryflags']['is_affected'] = 1;
                } elseif ($first_reserved_word === 'SHOW') {
                    $subresult['queryflags']['is_show'] = 1;
                }

            } else {
                // for the presence of DROP DATABASE
                if ($first_reserved_word == 'DROP' && $upper_data == 'DATABASE') {
                    $subresult['queryflags']['drop_database'] = 1;
                }
                // A table has to be created, renamed, dropped -> navi panel
                // should be reloaded
                $keywords1 = array('CREATE', 'ALTER', 'DROP');
                $keywords2 = array('VIEW', 'TABLE', 'DATABASE', 'SCHEMA');
                if (in_array($first_reserved_word, $keywords1)
                    && in_array($upper_data, $keywords2)
                ) {
                    $subresult['queryflags']['reload'] = 1;
                }
                // for the presence of CHECK|ANALYZE|REPAIR|OPTIMIZE TABLE
                $keywords = array(
                    'CHECK', 'ANALYZE', 'REPAIR', 'OPTIMIZE'
                );
                if (in_array($first_reserved_word, $keywords)
                    && $upper_data == 'TABLE'
                ) {
                    $subresult['queryflags']['is_maint'] = 1;
                }
            }

            if ($upper_data == 'LIMIT' && ! $in_subquery) {
                $section_before_limit = /*overload*/mb_substr(
                    $arr['raw'], 0, $arr[$i]['pos'] - 5
                );
                $in_limit = true;
                $seen_limit = true;
                $limit_clause = '';
                $in_order_by = false; // @todo maybe others to set false
            }

            if ($upper_data == 'PROCEDURE') {
                $subresult['queryflags']['procedure'] = 1;
                $in_limit = false;
                $after_limit = true;

                // for the presence of PROCEDURE ANALYSE
                if (isset($subresult['queryflags']['select_from'])
                    && $subresult['queryflags']['select_from'] == 1
                    && ($i + 1) < $size
                    && $arr[$i + 1]['type'] == 'alpha_reservedWord'
                    && /*overload*/mb_strtoupper($arr[$i + 1]['data']) == 'ANALYSE'
                ) {
                    $subresult['queryflags']['is_analyse'] = 1;
                }
            }

            // for the presence of INTO OUTFILE
            if ($upper_data == 'INTO'
                && isset($subresult['queryflags']['select_from'])
                && $subresult['queryflags']['select_from'] == 1
                && ($i + 1) < $size
                && $arr[$i + 1]['type'] == 'alpha_reservedWord'
                && /*overload*/mb_strtoupper($arr[$i + 1]['data']) == 'OUTFILE'
            ) {
                $subresult['queryflags']['is_export'] = 1;
            }
            /**
             * @todo set also to false if we find FOR UPDATE or LOCK IN SHARE MODE
             */
            if ($upper_data == 'SELECT') {
                $in_select_expr = true;
                $select_expr_clause = '';

                // for the presence of SELECT COUNT
                if (isset($subresult['queryflags']['select_from'])
                    && $subresult['queryflags']['select_from'] == 1
                    && !isset($subresult['queryflags']['is_group'])
                    && ($i + 1) < $size
                    && $arr[$i + 1]['type'] == 'alpha_functionName'
                    && /*overload*/mb_strtoupper($arr[$i + 1]['data']) == 'COUNT'
                ) {
                    $subresult['queryflags']['is_count'] = 1;
                }
            }

            if ($upper_data == 'DISTINCT' && !$in_group_concat) {
                $subresult['queryflags']['distinct'] = 1;
            }

            if ($upper_data == 'UNION') {
                $subresult['queryflags']['union'] = 1;
            }

            if ($upper_data == 'JOIN') {
                $subresult['queryflags']['join'] = 1;
            }

            if ($upper_data == 'OFFSET') {
                $subresult['queryflags']['offset'] = 1;
            }

            // for the presence of CALL
            if ($upper_data == 'CALL') {
                $subresult['queryflags']['is_procedure'] = 1;
            }

            // if this is a real SELECT...FROM
            if ($upper_data == 'FROM'
                && isset($subresult['queryflags']['select_from'])
                && $subresult['queryflags']['select_from'] == 1
            ) {
                $in_from = true;
                $from_clause = '';
                $in_select_expr = false;
            }

            // (we could have less resetting of variables to false
            // if we trust that the query respects the standard
            // MySQL order for clauses)

            // we use $seen_group and $seen_order because we are looking
            // for the BY
            if ($upper_data == 'GROUP') {
                $seen_group = true;
                $seen_order = false;
                $in_having = false;
                $in_order_by = false;
                $in_where = false;
                $in_select_expr = false;
                $in_from = false;

                // for the presence of GROUP BY|HAVING|SELECT DISTINCT
                if (isset($subresult['queryflags']['select_from'])
                    && $subresult['queryflags']['select_from'] == 1
                    && ($i + 1) < $size
                    && $arr[$i + 1]['type'] == 'alpha_reservedWord'
                    && in_array(
                        /*overload*/mb_strtoupper($arr[$i + 1]['data']),
                        $arrayKeyWords
                    )
                    && ($i + 2) < $size
                    && $arr[$i + 2]['type'] == 'alpha_reservedWord'
                    && /*overload*/mb_strtoupper($arr[$i + 2]['data']) == 'DISTINCT'
                ) {
                    $subresult['queryflags']['is_group'] = 1;
                }
            }
            if ($upper_data == 'ORDER' && !$in_group_concat) {
                $seen_order = true;
                $seen_group = false;
                $in_having = false;
                $in_group_by = false;
                $in_where = false;
                $in_select_expr = false;
                $in_from = false;
            }
            if ($upper_data == 'HAVING') {
                $in_having = true;
                $having_clause = '';
                $seen_group = false;
                $seen_order = false;
                $in_group_by = false;
                $in_order_by = false;
                $in_where = false;
                $in_select_expr = false;
                $in_from = false;
            }

            if ($upper_data == 'WHERE') {
                $in_where = true;
                $where_clause = '';
                $where_clause_identifiers = array();
                $seen_group = false;
                $seen_order = false;
                $in_group_by = false;
                $in_order_by = false;
                $in_having = false;
                $in_select_expr = false;
                $in_from = false;
            }

            if ($upper_data == 'BY') {
                if ($seen_group) {
                    $in_group_by = true;
                    $group_by_clause = '';
                }
                if ($seen_order) {
                    $seen_order_by = true;
                    // Here we assume that the ORDER BY keywords took
                    // exactly 8 characters.
                    // We use $GLOBALS['PMA_String']->substr() to be charset-safe;
                    // otherwise if the table name contains accents, the unsorted
                    // query would be missing some characters.
                    $unsorted_query = /*overload*/mb_substr(
                        $arr['raw'], 0, $arr[$i]['pos'] - 8
                    );
                    $in_order_by = true;
                    $order_by_clause = '';
                }
            }

            // if we find one of the words that could end the clause
            if (isset($words_ending_clauses[$upper_data])) {

                $in_group_by = false;
                $in_order_by = false;
                $in_having   = false;
                $in_where    = false;
                $in_select_expr = false;
                $in_from = false;
            }

        } // endif (reservedWord)

        // do not add a space after a function name
        /**
         * @todo can we combine loop 2 and loop 1? some code is repeated here...
         */

        $sep = ' ';
        if ($arr[$i]['type'] == 'alpha_functionName') {
            $sep='';
            $upper_data = /*overload*/mb_strtoupper($arr[$i]['data']);
            if ($upper_data =='GROUP_CONCAT') {
                $in_group_concat = true;
                $number_of_brackets_in_group_concat = 0;
            }
        }

        if ($arr[$i]['type'] == 'punct_bracket_open_round') {
            if ($in_group_concat) {
                $number_of_brackets_in_group_concat++;
            }
        }
        if ($arr[$i]['type'] == 'punct_bracket_close_round') {
            if ($in_group_concat) {
                $number_of_brackets_in_group_concat--;
                if ($number_of_brackets_in_group_concat == 0) {
                    $in_group_concat = false;
                }
            }
        }

        // do not add a space after an identifier if followed by a dot
        if ($arr[$i]['type'] == 'alpha_identifier'
            && $i < $size - 1 && $arr[$i + 1]['data'] == '.'
        ) {
            $sep = '';
        }

        // do not add a space after a dot if followed by an identifier
        if ($arr[$i]['data'] == '.' && $i < $size - 1
            && $arr[$i + 1]['type'] == 'alpha_identifier'
        ) {
            $sep = '';
        }

        // for the presence of INSERT|LOAD DATA
        if ($arr[$i]['type'] == 'alpha_identifier'
            && /*overload*/mb_strtoupper($arr[$i]['data']) == 'DATA'
            && ($i - 1) >= 0
            && $arr[$i - 1]['type'] == 'alpha_reservedWord'
            && in_array(
                /*overload*/mb_strtoupper($arr[$i - 1]['data']),
                array("INSERT", "LOAD")
            )
        ) {
            $subresult['queryflags']['is_insert'] = 1;
            $subresult['queryflags']['is_affected'] = 1;
        }

        // for the presence of SUM|AVG|STD|STDDEV|MIN|MAX|BIT_OR|BIT_AND
        if ($arr[$i]['type'] == 'alpha_functionName'
            && in_array(/*overload*/mb_strtoupper($arr[$i]['data']), $arrayFunctions)
            && isset($subresult['queryflags']['select_from'])
            && $subresult['queryflags']['select_from'] == 1
            && !isset($subresult['queryflags']['is_group'])
        ) {
            $subresult['queryflags']['is_func'] = 1;
        }

        if ($in_select_expr && $upper_data != 'SELECT'
            && $upper_data != 'DISTINCT'
        ) {
            $select_expr_clause .= $arr[$i]['data'] . $sep;
        }
        if ($in_from && $upper_data != 'FROM') {
            $from_clause .= $arr[$i]['data'] . $sep;
        }
        if ($in_group_by && $upper_data != 'GROUP' && $upper_data != 'BY') {
            $group_by_clause .= $arr[$i]['data'] . $sep;
        }
        if ($in_order_by && $upper_data != 'ORDER' && $upper_data != 'BY') {
            // add a space only before ASC or DESC
            // not around the dot between dbname and tablename
            if ($arr[$i]['type'] == 'alpha_reservedWord') {
                $order_by_clause .= $sep;
            }
            $order_by_clause .= $arr[$i]['data'];
        }
        if ($in_having && $upper_data != 'HAVING') {
            $having_clause .= $arr[$i]['data'] . $sep;
        }
        if ($in_where && $upper_data != 'WHERE') {
            $where_clause .= $arr[$i]['data'] . $sep;

            if (($arr[$i]['type'] == 'quote_backtick')
                || ($arr[$i]['type'] == 'alpha_identifier')
            ) {
                $where_clause_identifiers[] = $arr[$i]['data'];
            }
        }

        // to grab the rest of the query after the ORDER BY clause
        if (isset($subresult['queryflags']['select_from'])
            && $subresult['queryflags']['select_from'] == 1
            && ! $in_order_by
            && $seen_order_by
            && $upper_data != 'BY'
        ) {
            $unsorted_query .= $arr[$i]['data'];
            if ($arr[$i]['type'] != 'punct_bracket_open_round'
                && $arr[$i]['type'] != 'punct_bracket_close_round'
                && $arr[$i]['type'] != 'punct'
            ) {
                $unsorted_query .= $sep;
            }
        }

        if ($in_limit) {
            if ($upper_data == 'OFFSET') {
                $limit_clause .= $sep;
            }
            $limit_clause .= $arr[$i]['data'];
            if ($upper_data == 'LIMIT' || $upper_data == 'OFFSET') {
                $limit_clause .= $sep;
            }
        }
        if ($after_limit && $seen_limit) {
            $section_after_limit .= $arr[$i]['data'] . $sep;
        }

        // clear $upper_data for next iteration
        $upper_data='';
    } // end for $i (loop #2)
    if (empty($section_before_limit)) {
        $section_before_limit = $arr['raw'];
    }

    // -----------------------------------------------------
    // loop #3: foreign keys and MySQL 4.1.2+ TIMESTAMP options
    // (for now, check only the first query)
    // (for now, identifiers are assumed to be backquoted)

    // If we find that we are dealing with a CREATE TABLE query,
    // we look for the next punct_bracket_open_round, which
    // introduces the fields list. Then, when we find a
    // quote_backtick, it must be a field, so we put it into
    // the create_table_fields array. Even if this field is
    // not a timestamp, it will be useful when logic has been
    // added for complete field attributes analysis.

    $seen_foreign = false;
    $seen_references = false;
    $seen_constraint = false;
    $foreign_key_number = -1;
    $seen_create_table = false;
    $seen_create = false;
    $seen_alter = false;
    $in_create_table_fields = false;
    $brackets_level = 0;
    $in_timestamp_options = false;
    $seen_default = false;

    for ($i = 0; $i < $size; $i++) {
        if ($arr[$i]['type'] == 'alpha_reservedWord') {
            $upper_data = /*overload*/mb_strtoupper($arr[$i]['data']);

            if ($upper_data == 'NOT' && $in_timestamp_options) {
                if (! isset($create_table_fields)) {
                    $create_table_fields = array();
                }
                $create_table_fields[$current_identifier]['timestamp_not_null']
                    = true;

            }

            if ($upper_data == 'CREATE') {
                $seen_create = true;
            }

            if ($upper_data == 'ALTER') {
                $seen_alter = true;
            }

            if ($upper_data == 'TABLE' && $seen_create) {
                $seen_create_table = true;
                $create_table_fields = array();
            }

            if ($upper_data == 'CURRENT_TIMESTAMP') {
                if ($in_timestamp_options) {
                    if ($seen_default) {
                        $create_table_fields[$current_identifier]
                            ['default_current_timestamp'] = true;
                    }
                }
            }

            if ($upper_data == 'CONSTRAINT') {
                $foreign_key_number++;
                $seen_foreign = false;
                $seen_references = false;
                $seen_constraint = true;
            }
            if ($upper_data == 'FOREIGN') {
                $seen_foreign = true;
                $seen_references = false;
                $seen_constraint = false;
            }
            if ($upper_data == 'REFERENCES') {
                $seen_foreign = false;
                $seen_references = true;
                $seen_constraint = false;
            }

            // Cases covered:

            // [ON DELETE {CASCADE | SET NULL | NO ACTION | RESTRICT}]
            // [ON UPDATE {CASCADE | SET NULL | NO ACTION | RESTRICT}]

            // but we set ['on_delete'] or ['on_cascade'] to
            // CASCADE | SET_NULL | NO_ACTION | RESTRICT

            // ON UPDATE CURRENT_TIMESTAMP

            if ($upper_data == 'ON') {
                if (isset($arr[$i+1])
                    && $arr[$i+1]['type'] == 'alpha_reservedWord'
                ) {
                    $second_upper_data = /*overload*/mb_strtoupper(
                        $arr[$i+1]['data']
                    );
                    if ($second_upper_data == 'DELETE') {
                        $clause = 'on_delete';
                    }
                    if ($second_upper_data == 'UPDATE') {
                        $clause = 'on_update';
                    }
                    // ugly workaround because currently, NO is not
                    // in the list of reserved words in sqlparser.data
                    // (we got a bug report about not being able to use
                    // 'no' as an identifier)
                    if (isset($clause)
                        && ($arr[$i+2]['type'] == 'alpha_reservedWord'
                        || ($arr[$i+2]['type'] == 'alpha_identifier'
                        && /*overload*/mb_strtoupper($arr[$i+2]['data'])=='NO'))
                    ) {
                        $third_upper_data = /*overload*/mb_strtoupper(
                            $arr[$i+2]['data']
                        );
                        if ($third_upper_data == 'CASCADE'
                            || $third_upper_data == 'RESTRICT'
                        ) {
                            $value = $third_upper_data;
                        } elseif ($third_upper_data == 'SET'
                            || $third_upper_data == 'NO'
                        ) {
                            if ($arr[$i+3]['type'] == 'alpha_reservedWord') {
                                $value = $third_upper_data . '_'
                                    . /*overload*/mb_strtoupper($arr[$i+3]['data']);
                            }
                        } elseif ($third_upper_data == 'CURRENT_TIMESTAMP') {
                            if ($clause == 'on_update'
                                && $in_timestamp_options
                            ) {
                                $create_table_fields[$current_identifier]
                                    ['on_update_current_timestamp']
                                        = true;
                                $seen_default = false;
                            }

                        } else {
                            $value = '';
                        }
                        if (!empty($value)) {
                            if (! isset($foreign)) {
                                $foreign = array();
                            }
                            $foreign[$foreign_key_number][$clause] = $value;
                        }
                        unset($clause);
                    } // endif (isset($clause))
                }
            }

        } // end of reserved words analysis

        if ($arr[$i]['type'] == 'punct_bracket_open_round') {
            $brackets_level++;
            if ($seen_create_table && $brackets_level == 1) {
                $in_create_table_fields = true;
            }
        }

        if ($arr[$i]['type'] == 'punct_bracket_close_round') {
            $brackets_level--;
            if ($seen_references) {
                $seen_references = false;
            }
            if ($seen_create_table && $brackets_level == 0) {
                $in_create_table_fields = false;
            }
        }

        if (($arr[$i]['type'] == 'alpha_columnAttrib')) {
            $upper_data = /*overload*/mb_strtoupper($arr[$i]['data']);
            if ($seen_create_table && $in_create_table_fields) {
                if ($upper_data == 'DEFAULT') {
                    $seen_default = true;
                    $create_table_fields[$current_identifier]['default_value']
                        = $arr[$i + 1]['data'];
                }
            }
        }

        /**
         * @see @todo 2005-10-16 note: the "or" part here is a workaround for a bug
         */
        if (($arr[$i]['type'] == 'alpha_columnType')
            || ($arr[$i]['type'] == 'alpha_functionName' && $seen_create_table)
        ) {
            $upper_data = /*overload*/mb_strtoupper($arr[$i]['data']);
            if ($seen_create_table && $in_create_table_fields
                && isset($current_identifier)
            ) {
                $create_table_fields[$current_identifier]['type'] = $upper_data;
                if ($upper_data == 'TIMESTAMP') {
                    $arr[$i]['type'] = 'alpha_columnType';
                    $in_timestamp_options = true;
                } else {
                    $in_timestamp_options = false;
                    if ($upper_data == 'CHAR') {
                        $arr[$i]['type'] = 'alpha_columnType';
                    }
                }
            }
        }

        if ($arr[$i]['type'] == 'quote_backtick'
            || $arr[$i]['type'] == 'alpha_identifier'
        ) {

            if ($arr[$i]['type'] == 'quote_backtick') {
                // remove backquotes
                $identifier = PMA_Util::unQuote($arr[$i]['data']);
            } else {
                $identifier = $arr[$i]['data'];
            }

            if ($seen_create_table && $in_create_table_fields) {
                $current_identifier = $identifier;
                // we set this one even for non TIMESTAMP type
                $create_table_fields[$current_identifier]['timestamp_not_null']
                    = false;
            }

            if ($seen_constraint) {
                $foreign[$foreign_key_number]['constraint'] = $identifier;
            }

            if ($seen_foreign && $brackets_level > 0) {
                $foreign[$foreign_key_number]['index_list'][] = $identifier;
            }

            if ($seen_references) {
                if ($seen_alter && $brackets_level > 0) {
                    $foreign[$foreign_key_number]['ref_index_list'][] = $identifier;
                    // here, the first bracket level corresponds to the
                    // bracket of CREATE TABLE
                    // so if we are on level 2, it must be the index list
                    // of the foreign key REFERENCES
                } elseif ($brackets_level > 1) {
                    $foreign[$foreign_key_number]['ref_index_list'][] = $identifier;
                } elseif ($arr[$i+1]['type'] == 'punct_qualifier') {
                    // identifier is `db`.`table`
                    // the first pass will pick the db name
                    // the next pass will pick the table name
                    $foreign[$foreign_key_number]['ref_db_name'] = $identifier;
                } else {
                    // identifier is `table`
                    $foreign[$foreign_key_number]['ref_table_name'] = $identifier;
                }
            }
        }
    } // end for $i (loop #3)

    // Fill the $subresult array

    if (isset($create_table_fields)) {
        $subresult['create_table_fields'] = $create_table_fields;
    }

    if (isset($foreign)) {
        $subresult['foreign_keys'] = $foreign;
    }

    if (isset($select_expr_clause)) {
        $subresult['select_expr_clause'] = $select_expr_clause;
    }
    if (isset($from_clause)) {
        $subresult['from_clause'] = $from_clause;
    }
    if (isset($group_by_clause)) {
        $subresult['group_by_clause'] = $group_by_clause;
    }
    if (isset($order_by_clause)) {
        $subresult['order_by_clause'] = $order_by_clause;
    }
    if (isset($having_clause)) {
        $subresult['having_clause'] = $having_clause;
    }
    if (isset($limit_clause)) {
        $subresult['limit_clause'] = $limit_clause;
    }
    if (isset($where_clause)) {
        $subresult['where_clause'] = $where_clause;
    }
    if (isset($unsorted_query) && !empty($unsorted_query)) {
        $subresult['unsorted_query'] = $unsorted_query;
    }
    if (isset($where_clause_identifiers)) {
        $subresult['where_clause_identifiers'] = $where_clause_identifiers;
    }

    if (isset($position_of_first_select)) {
        $subresult['position_of_first_select'] = $position_of_first_select;
        $subresult['section_before_limit'] = $section_before_limit;
        $subresult['section_after_limit'] = $section_after_limit;
    }

    // They are naughty and didn't have a trailing semi-colon,
    // then still handle it properly
    if ($subresult['querytype'] != '') {
        $result[] = $subresult;
    }
    return $result;
} // end of the "PMA_SQP_analyze()" function


/**
 * Formats SQL queries
 *
 * @param array   $arr              The SQL queries
 * @param string  $mode             formatting mode
 * @param integer $start_token      starting token
 * @param integer $number_of_tokens number of tokens to format, -1 = all
 *
 * @return string  The formatted SQL queries
 *
 * @access public
 */
function PMA_SQP_format(
    $arr, $mode='text', $start_token=0,
    $number_of_tokens=-1
) {
    //DEBUG echo 'in Format<pre>'; print_r($arr); echo '</pre>';
    // then check for an array
    if (! is_array($arr)) {
        return htmlspecialchars($arr);
    }
    // first check for the SQL parser having hit an error
    if (PMA_SQP_isError()) {
        return htmlspecialchars($arr['raw']);
    }
    // else do it properly
    switch ($mode) {
    case 'query_only':
        $str                                = '';
        $html_line_break                    = "\n";
        break;
    case 'text':
        $str                                = '';
        $html_line_break                    = '<br />';
        break;
    } // end switch
    $indent                                     = 0;
    $bracketlevel                               = 0;
    $functionlevel                              = 0;
    $infunction                                 = false;
    $space_punct_listsep                        = ' ';
    $space_punct_listsep_function_name          = ' ';
    // $space_alpha_reserved_word = '<br />'."\n";
    $space_alpha_reserved_word                  = ' ';

    $keywords_with_brackets_1before            = array(
        'INDEX' => 1,
        'KEY' => 1,
        'ON' => 1,
        'USING' => 1
    );

    $keywords_with_brackets_2before            = array(
        'IGNORE' => 1,
        'INDEX' => 1,
        'INTO' => 1,
        'KEY' => 1,
        'PRIMARY' => 1,
        'PROCEDURE' => 1,
        'REFERENCES' => 1,
        'UNIQUE' => 1,
        'USE' => 1
    );

    // These reserved words do NOT get a newline placed near them.
    $keywords_no_newline               = array(
        'AS' => 1,
        'ASC' => 1,
        'DESC' => 1,
        'DISTINCT' => 1,
        'DUPLICATE' => 1,
        'HOUR' => 1,
        'INTERVAL' => 1,
        'IS' => 1,
        'LIKE' => 1,
        'NOT' => 1,
        'NULL' => 1,
        'ON' => 1,
        'REGEXP' => 1
    );

    // These reserved words introduce a privilege list
    $keywords_priv_list                = array(
        'GRANT' => 1,
        'REVOKE' => 1
    );

    if ($number_of_tokens == -1) {
        $number_of_tokens = $arr['len'];
    }
    $typearr   = array();
    if ($number_of_tokens >= 0) {
        $typearr[0] = '';
        $typearr[1] = '';
        $typearr[2] = '';
        $typearr[3] = $arr[$start_token]['type'];
    }

    $in_priv_list = false;
    for ($i = $start_token; $i < $number_of_tokens; $i++) {
        // DEBUG echo "Loop format <strong>" . $arr[$i]['data']
        // . "</strong> " . $arr[$i]['type'] . "<br />";
        $before = '';
        $after  = '';
        // array_shift($typearr);
        /*
        0 prev2
        1 prev
        2 current
        3 next
        */
        if (($i + 1) < $number_of_tokens) {
            $typearr[4] = $arr[$i + 1]['type'];
        } else {
            $typearr[4] = '';
        }

        for ($j=0; $j<4; $j++) {
            $typearr[$j] = $typearr[$j + 1];
        }

        switch ($typearr[2]) {
        case 'alpha_bitfield_constant_introducer':
            $before     = ' ';
            $after      = '';
            break;
        case 'white_newline':
            $before     = '';
            break;
        case 'punct_bracket_open_round':
            $bracketlevel++;
            $infunction = false;
            $keyword_brackets_2before = isset(
                $keywords_with_brackets_2before[
                    /*overload*/mb_strtoupper($arr[$i - 2]['data'])
                ]
            );
            $keyword_brackets_1before = isset(
                $keywords_with_brackets_1before[
                    /*overload*/mb_strtoupper($arr[$i - 1]['data'])
                ]
            );
            // Make sure this array is sorted!
            if (($typearr[1] == 'alpha_functionName')
                || ($typearr[1] == 'alpha_columnType') || ($typearr[1] == 'punct')
                || ($typearr[3] == 'digit_integer') || ($typearr[3] == 'digit_hex')
                || ($typearr[3] == 'digit_float')
                || ($typearr[0] == 'alpha_reservedWord' && $keyword_brackets_2before)
                || ($typearr[1] == 'alpha_reservedWord' && $keyword_brackets_1before)
            ) {
                $functionlevel++;
                $infunction = true;
                $after      .= ' ';
            } else {
                $indent++;
                if ($mode != 'query_only') {
                    $after .= '<div class="syntax_indent' . $indent . '">';
                } else {
                    $after .= ' ';
                }
            }
            break;
        case 'alpha_identifier':
            if (($typearr[1] == 'punct_qualifier')
                || ($typearr[3] == 'punct_qualifier')
            ) {
                $after      = '';
                $before     = '';
            }
            // for example SELECT 1 somealias
            if ($typearr[1] == 'digit_integer') {
                $before     = ' ';
            }
            if (($typearr[3] == 'alpha_columnType')
                || ($typearr[3] == 'alpha_identifier')
            ) {
                $after      .= ' ';
            }
            break;
        case 'punct_user':
        case 'punct_qualifier':
            $before         = '';
            $after          = '';
            break;
        case 'punct_listsep':
            if ($infunction == true) {
                $after      .= $space_punct_listsep_function_name;
            } else {
                $after      .= $space_punct_listsep;
            }
            break;
        case 'punct_queryend':
            if (($typearr[3] != 'comment_mysql')
                && ($typearr[3] != 'comment_ansi')
                && $typearr[3] != 'comment_c'
            ) {
                $after     .= $html_line_break;
                $after     .= $html_line_break;
            }
            $space_punct_listsep               = ' ';
            $space_punct_listsep_function_name = ' ';
            $space_alpha_reserved_word         = ' ';
            $in_priv_list                      = false;
            break;
        case 'comment_mysql':
        case 'comment_ansi':
            $after         .= $html_line_break;
            break;
        case 'punct':
            $before         .= ' ';

            // workaround for
            // select * from mytable limit 0,-1
            // (a side effect of this workaround is that
            // select 20 - 9
            // becomes
            // select 20 -9
            // )
            if ($typearr[3] != 'digit_integer') {
                $after        .= ' ';
            }
            break;
        case 'punct_bracket_close_round':
            // only close bracket level when it was opened before
            if ($bracketlevel > 0) {
                $bracketlevel--;
                if ($infunction == true) {
                    $functionlevel--;
                    $after     .= ' ';
                    $before    .= ' ';
                } else {
                    $indent--;
                    $before    .= ($mode != 'query_only' ? '</div>' : ' ');
                }
                $infunction    = ($functionlevel > 0) ? true : false;
            }
            break;
        case 'alpha_columnType':
            if ($typearr[3] == 'alpha_columnAttrib') {
                $after     .= ' ';
            }
            if ($typearr[1] == 'alpha_columnType') {
                $before    .= ' ';
            }
            break;
        case 'alpha_columnAttrib':

            // ALTER TABLE tbl_name AUTO_INCREMENT = 1
            // COLLATE LATIN1_GENERAL_CI DEFAULT
            if ($typearr[1] == 'alpha_identifier'
                || $typearr[1] == 'alpha_charset'
            ) {
                $before .= ' ';
            }
            if (($typearr[3] == 'alpha_columnAttrib')
                || ($typearr[3] == 'quote_single')
                || ($typearr[3] == 'digit_integer')
            ) {
                $after     .= ' ';
            }
            // workaround for
            // AUTO_INCREMENT = 31DEFAULT_CHARSET = utf-8

            if ($typearr[2] == 'alpha_columnAttrib'
                && $typearr[3] == 'alpha_reservedWord'
            ) {
                $before .= ' ';
            }
            // workaround for
            // select * from mysql.user where binary user="root"
            // binary is marked as alpha_columnAttrib
            // but should be marked as a reserved word
            if (/*overload*/mb_strtoupper($arr[$i]['data']) == 'BINARY'
                && $typearr[3] == 'alpha_identifier'
            ) {
                $after     .= ' ';
            }
            break;
        case 'alpha_functionName':
            break;
        case 'alpha_reservedWord':
            // do not uppercase the reserved word if we are calling
            // this function in query_only mode, because we need
            // the original query (otherwise we get problems with
            // semi-reserved words like "storage" which is legal
            // as an identifier name)

            if ($mode != 'query_only') {
                $arr[$i]['data'] = /*overload*/mb_strtoupper($arr[$i]['data']);
            }

            list($before, $in_priv_list) = PMA_SQP_getBeforeAndInPrivList(
                $arr, $typearr, $keywords_no_newline, $i, $in_priv_list,
                $space_alpha_reserved_word, $before, $keywords_priv_list
            );

            list($space_punct_listsep, $space_alpha_reserved_word)
                = PMA_SQP_getListsepAndReservedWord(
                    $arr[$i]['data'], $in_priv_list, $html_line_break,
                    $space_punct_listsep, $space_alpha_reserved_word
                );

            $after         .= ' ';
            break;
        case 'digit_integer':
        case 'digit_float':
        case 'digit_hex':
            /**
             * @todo could there be other types preceding a digit?
             */
            if ($typearr[1] == 'alpha_reservedWord') {
                $after .= ' ';
            }
            if ($infunction && $typearr[3] == 'punct_bracket_close_round') {
                $after     .= ' ';
            }
            if ($typearr[1] == 'alpha_columnAttrib') {
                $before .= ' ';
            }
            break;
        case 'alpha_variable':
            $after      = ' ';
            break;
        case 'quote_double':
        case 'quote_single':
            // workaround: for the query
            // REVOKE SELECT ON `base2\_db`.* FROM 'user'@'%'
            // the @ is incorrectly marked as alpha_variable
            // in the parser, and here, the '%' gets a blank before,
            // which is a syntax error
            if ($typearr[1] != 'punct_user'
                && $typearr[1] != 'alpha_bitfield_constant_introducer'
            ) {
                $before        .= ' ';
            }
            if ($infunction && $typearr[3] == 'punct_bracket_close_round') {
                $after     .= ' ';
            }
            break;
        case 'quote_backtick':
            // here we check for punct_user to handle correctly
            // DEFINER = `username`@`%`
            // where @ is the punct_user and `%` is the quote_backtick
            if ($typearr[3] != 'punct_qualifier'
                && $typearr[3] != 'alpha_variable'
                && $typearr[3] != 'punct_user'
            ) {
                $after     .= ' ';
            }
            if ($typearr[1] != 'punct_qualifier'
                && $typearr[1] != 'alpha_variable'
                && $typearr[1] != 'punct_user'
            ) {
                $before    .= ' ';
            }
            break;
        default:
            break;
        } // end switch ($typearr[2])

        /*
        if ($typearr[3] != 'punct_qualifier') {
            $after             .= ' ';
        }
        $after                 .= "\n";
        */
        $str .= $before;
        if ($mode == 'text') {
            $str .= htmlspecialchars($arr[$i]['data']);
        } else {
            $str .= $arr[$i]['data'];
        }
        $str .= $after;
    } // end for
    // close unclosed indent levels
    while ($indent > 0) {
        $indent--;
        $str .= ($mode != 'query_only' ? '</div>' : ' ');
    }

    return $str;
} // end of the "PMA_SQP_format()" function

/**
 * Define variables for PMA_SQP_format
 *
 * @param array   $arr                       The SQL queries
 * @param array   $typearr                   Types
 * @param array   $keywords_no_newline       Reserved words without newline placed
 *                                           near them
 * @param int     $index                     Index in $arr
 * @param boolean $in_priv_list              Is in privilege list
 * @param string  $space_alpha_reserved_word Reserved word separator
 * @param string  $before                    String before
 * @param array   $keywords_priv_list        Keywords list of privileges
 *
 * @return array
 */
function PMA_SQP_getBeforeAndInPrivList(
    $arr, $typearr, $keywords_no_newline, $index, $in_priv_list,
    $space_alpha_reserved_word, $before, $keywords_priv_list
) {
    if (!((($typearr[1] != 'alpha_reservedWord')
        || (($typearr[1] == 'alpha_reservedWord')
        && isset($keywords_no_newline[/*overload*/mb_strtoupper($arr[$index - 1]['data'])])))
        && ($typearr[1] != 'punct_level_plus')
        && (!isset($keywords_no_newline[$arr[$index]['data']])))
    ) {
        $before .= ' ';
        return array($before, $in_priv_list);
    }

    // do not put a space before the first token, because
    // we use a lot of pattern matching checking for the
    // first reserved word at beginning of query
    // so do not put a newline before
    //
    // also we must not be inside a privilege list
    if ($index > 0) {
        // the alpha_identifier exception is there to
        // catch cases like
        // GRANT SELECT ON mydb.mytable TO myuser@localhost
        // (else, we get mydb.mytableTO)
        //
        // the quote_single exception is there to
        // catch cases like
        // GRANT ... TO 'marc'@'domain.com' IDENTIFIED...
        /**
         * @todo fix all cases and find why this happens
         */

        if (!$in_priv_list
            || in_array(
                $typearr[1],
                array('alpha_identifier', 'quote_single', 'white_newline')
            )
        ) {
            $before .= $space_alpha_reserved_word;
        }
        return array($before, $in_priv_list);
    }

    // on first keyword, check if it introduces a
    // privilege list
    if (isset($keywords_priv_list[$arr[$index]['data']])) {
        $in_priv_list = true;
    }
    return array($before, $in_priv_list);
}

/**
 * Define variables for PMA_SQP_format
 *
 * @param string  $data                      Data to check
 * @param boolean $in_priv_list              In privilege list
 * @param string  $html_line_break           HTML line break
 * @param string  $space_punct_listsep       List separator
 * @param string  $space_alpha_reserved_word Space between reserved words
 *
 * @todo check definition of $space_punct_listsep and $space_alpha_reserved_word
 *
 * @return array Variables needed by PMA_SQP_format
 */
function PMA_SQP_getListsepAndReservedWord(
    $data, $in_priv_list, $html_line_break, $space_punct_listsep,
    $space_alpha_reserved_word
) {
    switch ($data) {
    case 'CREATE':
    case 'ALTER':
    case 'DROP':
    case 'RENAME';
    case 'TRUNCATE':
    case 'ANALYZE':
    case 'ANALYSE':
    case 'OPTIMIZE':
        if (!$in_priv_list) {
            $space_punct_listsep = $html_line_break;
            $space_alpha_reserved_word = ' ';
        }
        break;
    case 'EVENT':
    case 'TABLESPACE':
    case 'TABLE':
    case 'FUNCTION':
    case 'INDEX':
    case 'PROCEDURE':
    case 'SERVER':
    case 'TRIGGER':
    case 'DATABASE':
    case 'VIEW':
    case 'GROUP':
        break;
    case 'SET':
        if (!$in_priv_list) {
            $space_punct_listsep = $html_line_break;
            $space_alpha_reserved_word = ' ';
        }
        break;
    case 'EXPLAIN':
    case 'DESCRIBE':
    case 'DELETE':
    case 'SHOW':
    case 'UPDATE':
        if (!$in_priv_list) {
            $space_punct_listsep = $html_line_break;
            $space_alpha_reserved_word = ' ';
        }
        break;
    case 'INSERT':
    case 'REPLACE':
        if (!$in_priv_list) {
            $space_punct_listsep = $html_line_break;
            $space_alpha_reserved_word = $html_line_break;
        }
        break;
    case 'VALUES':
        $space_punct_listsep = ' ';
        $space_alpha_reserved_word = $html_line_break;
        break;
    case 'SELECT':
        $space_punct_listsep = ' ';
        $space_alpha_reserved_word = $html_line_break;
        break;
    case 'CALL':
    case 'DO':
    case 'HANDLER':
        break;
    default:
        break;
    }
    return array($space_punct_listsep, $space_alpha_reserved_word);
}

/**
 * Gets SQL queries with no format
 *
 * @param array $arr The SQL queries list
 *
 * @return string  The SQL queries with no format
 *
 * @access public
 */
function PMA_SQP_formatNone($arr)
{
    $formatted_sql = htmlspecialchars($arr['raw']);
    $formatted_sql = preg_replace(
        "@((\015\012)|(\015)|(\012)){3,}@",
        "\n\n",
        $formatted_sql
    );

    return $formatted_sql;
} // end of the "PMA_SQP_formatNone()" function

/**
 * Checks whether a given name is MySQL reserved word
 *
 * @param string $column The word to be checked
 *
 * @return boolean whether true or false
 */
function PMA_SQP_isKeyWord($column)
{
    global $PMA_SQPdata_forbidden_word;
    return in_array(
        /*overload*/mb_strtoupper($column),
        $PMA_SQPdata_forbidden_word
    );
}

/**
 * Get Parser Data Map from sqlparser.data.php
 *
 * @return Array Parser Data Map from sqlparser.data.php
 */
function PMA_SQP_getParserDataMap()
{
    include 'libraries/sqlparser.data.php';
    return array(
        'PMA_SQPdata_function_name'  => $PMA_SQPdata_function_name,
        'PMA_SQPdata_column_attrib'  => $PMA_SQPdata_column_attrib,
        'PMA_SQPdata_reserved_word'  => $PMA_SQPdata_reserved_word,
        'PMA_SQPdata_forbidden_word' => $PMA_SQPdata_forbidden_word,
        'PMA_SQPdata_column_type'    => $PMA_SQPdata_column_type,
    );
}

/**
 * Get Parser analyze Map from parse_analyze_inc.php
 *
 * @param array $sql_query The SQL string
 * @param array $db        Current DB
 *
 * @return Array analyze Map from parse_analyze_inc.php
 */
function PMA_SQP_getParserAnalyzeMap($sql_query, $db)
{
    include 'libraries/parse_analyze.inc.php';
    return $analyzed_sql_results;
}

/**
 * Get Aliases from select query
 * Note: only useful for select query on single table.
 *
 * @param string $select_query The Select SQL Query
 * @param string $db           Current DB
 *
 * @return Array alias information from select query
 */
function PMA_SQP_getAliasesFromQuery($select_query, $db)
{
    if (empty($select_query) || empty($db)) {
        return array();
    }
    $analyzed_sql = PMA_SQP_analyze(PMA_SQP_parse($select_query));
    $aliases = array(
        $db => array(
            'alias' => null,
            'tables' => array()
        )
    );
    foreach ($analyzed_sql[0]['table_ref'] as $table) {
        $t_db = !empty($table['db']) ? $table['db'] : $db;
        if (!isset($aliases[$t_db])) {
            $aliases[$t_db] = array(
                'alias' => null,
                'tables' => array()
            );
        }
        $aliases[$t_db]['tables'][$table['table_true_name']] = array(
            'alias' => !empty($table['table_alias'])
                ? $table['table_alias'] : null,
            'columns' => array()
        );
    }
    foreach ($analyzed_sql[0]['select_expr'] as $cols) {
        if (!empty($cols['alias'])) {
            $t_db = !empty($cols['db']) ? $cols['db'] : $db;
            if (!empty($cols['table_true_name'])) {
                $aliases[$t_db]['tables'][$cols['table_true_name']]
                ['columns'][$cols['column']] = $cols['alias'];
            } else {
                foreach ($aliases[$t_db]['tables'] as $key => $table) {
                    $aliases[$t_db]['tables'][$key]
                    ['columns'][$cols['column']] = $cols['alias'];
                }
            }
        }
    }
    return $aliases;
}

?>
